Lead Infrastructure Engineer – Web Access Protection

End Date

Salary Range

We support flexible working – click here for more information on flexible working options

Flexible Working Options

Job Description Summary

Job Description

JOB TITLE: Lead Infrastructure Engineer – Web Access Protection

SALARY: £92,701 - £109,060

LOCATION(S): Leeds, Edinburgh, Manchester

HOURS: Full Time

WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at one of our office sites.

About this opportunity

The Chief Security Office (CSO) is a vital part of delivering the Group's vision of putting customers at the heart of everything we do, helping Britain prosper and protecting the Group and customers from security threats. We’re responsible for defining and communicating Lloyds Banking Group's security strategy and providing a range of critical Enterprise Security Services which not only operate key controls that keep the Group safe but also enable the digital transformation agenda of the wider organisation.

Lloyds Banking Group is looking for an innovative Lead Infrastructure Engineer to craft the future approach to securing our colleague and machine web access journey within our Edge Security Lab. This role ensures secure, compliant, and adaptable web access and partner integration throughout our estate, including secure enterprise browsing and all SASE components.

We're looking for a driven Lead Engineer with strong technical skills to guide our product development, collaborate with teams, and ensure secure, scalable solutions.

There is an expectation that this role will involve hands-on engineering, as well as line management for a group of engineers.

Key Responsibilities

Technical Leadership

• Lead the development, build, and ongoing improvement of web access protection infrastructure. It supports every component of a new SASE solution, such as proxy services (forward/reverse), protected corporate browsers, and API traffic controls.

• Define and evolve the infrastructure and security strategy related to internet connectivity, including B2B integrations and policy controls (“proxy” / browser).

• Collaborate with product owners to shape the roadmap, with a focus on scalability, automation, and operational resilience.

• Promote infrastructure-as-code principles, automation, and integration with broader security tooling.

• Lead root cause investigations and remediation for major incidents, working with cross-functional security and platform teams.

Team Management

• Line manage and coach a team of Infrastructure Engineers, promoting a high-performance culture.

• Set objectives, provide mentoring, and support continuous professional development.

• Plan and lead team capacity, budgeting, and resource allocation to align with strategic goals.

• Encourage experimentation, innovation, and adoption of modern engineering practices.

• Open to challenges and to challenging the status quo.

Operational Excellence

• Lead the incident and change management lifecycle for web access infrastructure services.

• Oversee the delivery, monitoring, and continuous improvement of the SASE solution, secure enterprise browser, and machine traffic infrastructure.

• Ensure services are highly resilient, documented, and aligned with compliance and audit requirements.

• Maintain strong partnerships with internal product teams and external vendors to ensure service quality.

Risk, Security & Compliance

• Develop and enforce security and access policies for web traffic, aligned to enterprise risk management frameworks.

• Support detection and response efforts by integrating with SIEM and analytics platforms.

• Maintain a strong balance between security and usability, particularly in the context of browser controls and user experience.

• Participate in security reviews, risk assessments, and policy updates for web access platforms.

Why Lloyds Banking Group

We’re on an exciting journey to transform our Group and the way we’re shaping finance for good. We’re focusing on the future, investing in our technologies, workplaces, and colleagues to make our Group a great place for everyone. Including you.

What You’ll Need

• Leadership experience in infrastructure engineering with line management responsibilities.

• Expertise in secure web platforms (e.g., Zscaler, Palo Alto, Blue Coat, McAfee Web Gateways / SkyHigh etc.) and secure enterprise browsers (e.g., Chrome Enterprise, Island, Talon, Edge for Business).

• Experience leading both human web access and machine-to-machine traffic in enterprise environments.

• Familiarity with DevOps practices and CI/CD tooling.

• Strong scripting and automation skills (e.g., Python, PowerShell, Terraform).

• Familiarity with security controls, data loss prevention, and browser isolation techniques.

• Experience coordinating incident resolution and change processes within infrastructure or security services.

• Strong stakeholder management and ability to influence product and platform strategy.

In addition, any experience of these would be useful

• Knowledge of API security and machine identity management.

• Experience with ticketing and ITSM platforms (e.g., ServiceNow, JIRA).

• Experience in regulated environments and responding to audits.

• Participation in an on-call rota and supporting 24/7 services.

• Security certifications (e.g., CISSP, CCSP)

About working for us

Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our customers, colleagues and communities and we’re committed to creating an environment in which everyone can thrive, learn and develop.

We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer Initiative.

We offer reasonable workplace adjustments for colleagues with disabilities, including flexibility in office attendance, location and working patterns. And, as a Disability Confident Leader, we guarantee interviews for a fair and proportionate number of applicants who meet the minimum criteria for the role with a disability, long-term health or neurodivergent condition through the Disability Confident Scheme.

We provide reasonable adjustments throughout the recruitment process to reduce or remove barriers. Just let us know what you need.

We also offer a wide-ranging benefits package, which includes:

• A generous pension contribution of up to 15%

• An annual performance-related bonus

• Share schemes including free shares

• Benefits you can adapt to your lifestyle, such as discounted shopping

• 30 days’ holiday, with bank holidays on top

• A range of wellbeing initiatives and generous parental leave policies

If you’re excited by the thought of becoming part of our team, get in touch. We’d love to hear from you!

At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop.

We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks.  We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. 

We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we’re building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.